Cyber Security – a talk by Laura Cowie

Members of West Dartmoor U3A were addressed by Laura Cowie, Cyber Protect Officer for Devon & Cornwall Police, assisted by Grahame Mace, formerly of City of London Police. This body reports to the National Crime Agency. Its remit is the prosecution of criminals and the disruption of their activities, preventing these activities where possible, reducing their impact and increasing the protection of businesses, banks, individuals and bodies like the U3A.

Laura distinguished between new crimes that were cyber-dependent, like the launching of viruses, trojans or spyware, and pre-existing crimes that were made easier by use of the internet, like drug-trafficking, fraud and data or identity theft. Traditionally, criminals had to be present at the crime scene and so risked being caught red-handed; today they may be sitting at a computer halfway across the world, so potentially high reward is available at low risk.

One problem for the police is that many victims fail to report such crimes; having perhaps been reimbursed by their bank for a loss due to fraud they feel ashamed to have been gulled, so the crime goes unreported and unpunished.

The scope of the internet is astronomical with e-mails, social media, texts, online shopping etc, and many hundreds of millions of transactions are carried out every day. Worldwide there are more devices connected to the internet than there are people; it is worth doing an audit of one’s own devices so connected. The threat is real; Laura recalled the Wannacry ransomware attack of 2017, which disabled parts of the NHS, and the data breach at Talk Talk in 2015. In 2017 in England and Wales alone there were over 5 million frauds and 2.5 million other cybercrimes. In 2017 Devon and Cornwall reported over a million attacks to Action Fraud. Possible attackers are cybercriminals, commercial competitors, hackers, disgruntled employees and “hacktivists” (those who hack to further their own agenda). The government regards the threat from cybercrime as similar to that from terrorism.

Amongst online threats we should particularly beware of “phishing” (seemingly authentic emails or texts from official bodies) attempting to get us to click on links that will give the criminals access to our computer and personal data), ransomware, which renders our files inaccessible unless we pay up (the advice here is always to back files up and never to pay, as that does not guarantee subsequent access) and computer service fraud, where we receive a cold call telling us there is something wrong with our computer and asking us to let the caller into our system to repair it. This we should never do.

As for social media, we were advised to check the terms and conditions of accounts with Facebook, Instagram, Twitter and the others. Instagram, for example, reserves the right to use, circulate or even sell pictures posted on it without payment. We should delete apps and accounts that we no longer use and be careful what personal information we upload onto social media, which are not private.

Passwords should be strong, at least 15 characters long with a mixture of Upper and lower case letters and numerals; we should not use the same password for several accounts.